Although applicable to communication networks in general the present invention will be described with regard to a mobile network. Although applicable in general to any trust architecture, the present invention will be described with regard to a web-of-trust.
Usually a communication network is organized in a central manner with centralized entities and one or more base stations connected to the centralized entities to which users can connect with their mobile devices. However in a disaster, for example when an earthquake destroys some of the connections of the network, the network is fragmented into several network “islands” due to failed connection links to the centralized entities. However, users can still move among several of the network islands over time, for example a user walking towards help/rescue with his mobile phone, trying to connect to functional base stations along the way, and connect each time to any functional network equipment in each “visited” island of the fragmented network. Due to the disconnected islands a user cannot use the centralized entities of the communication network, for example to authenticate a received message. In non-fragmented mobile communication networks, for example users are authenticated via the centralized entities and therefore an authentication in a fragmented network is not possible, due to a disconnection from servers of a security infrastructure such as a public key infrastructure or the like.
Conventional methods which do not rely on a trusted third party like the centralized authentication entity use, for example, so-called self-certifying names having the property that any entity in a distributed system can verify a binding between a corresponding public key and a self-certifying name without relying on a trusted third party, see for example in the non-patent-literature of T. Aura: “Cryptographically Generated Addresses (CGA)”, RFC 3972. Therefore for example a first party is enabled to digitally sign data associated with a self-certifying name and any receiving second party can verify the signature without relying on the trusted third party like a central authentication authority. However, self-certifying names lack a binding between a corresponding real-world identity: Self-certifying names enable to verify that whoever signed data was in possession of a private key associated with the self-certifying name but do not enable to verify what real-world entity corresponds to the public key, i.e. who actually signed the data, e.g. as mentioned in the non-patent literature of A. Ghodsi et al.: “Naming in Content-Oriented Architectures”, 1st Sigcomm ICN Workshop, 2011.
To overcome this problem in the non-patent literature of J. Seedorf: “Using Cryptographically Generated SIP-URIs to Protect the Integrity of Content in P2P-SIP”, 3rd VoIP Security Workshop, 2006 was disclosed to provide such a binding between a public key and a real-world identity a public key infrastructure or a web-of-trust is used. However, one of the problems is that the number of trust relationships in a web-of-trust scales exponentially with the number of web-of-trust users.